Re: What ASN.1 got right

[Phillip Hallam-Baker <phill@hallambaker.com>]

On Tue, Mar 2, 2021 at 1:06 AM Nico Williams <nico@cryptonector.com> wrote:

> On Tue, Mar 02, 2021 at 12:28:03AM -0500, Phillip Hallam-Baker wrote:
>
> > None of the systems on the table in 1995 is going to work and if you want
> > to understand why go get a machine that SHIPPED with Windows 95, boot it
> > and see what we had to work with.
> >
> > PKIX and the WebPKI were built for 30MHz machines with 32 bit processors
> > and 4MB of memory.
>
> I don't follow.  Given all the CPU, RAM, and storage available now, what
> would you do differently?  Mesh, yes, I know, but, remind me how Mesh
> uses all that extra HW that PKIX leaves on the table?
>

The original goal of the Mesh was to make computers easier to use by making
them more secure.

WebPKI is really limited to authenticating organizations. Private key
management considerations are pretty much out of scope. The assumption is
that Alice has a public key pair which is stretched to separate keys for
encryption and decryption.

The Mesh has a separate key for every function and for every device and
application. So if Alice has a dozen machines connected to her Mesh, they
each have separate encryption, authentication and signature keys. And they
are all used for threshold operations which really don't fit into the RSA
scheme of things.

Introducing more keys allows me to deal with all the real world use cases
that get ignored like what to do if Alice loses her phone, if she is
planning to go through an airport in a hostile police state, etc. etc.

Sure, now I have the architecture, we could go back and spend ten years
working out how to retrofit to PKIX. Or we could write some end to end
secure applications that are exactly as easy to use as the applications
people use today. I am talking about zero user impact security, zero trust
models, etc.

Social media where the service cannot read any of the posts.



> > If you want a decent PKI for user authentication you need to be willing
> to
> > do Internet2 for PKI and do some blue sky research.
>
> No please.  That's how we got X.500 naming to begin with.  Subject Alt
> Names exist because X.500 failed.
>
> SMTP and RFCx822-style email address naming killed X.400 because X.400
> inherently meant an awful UX.  X.500 naming needs to die.
>

I come to bury X.500 naming, not to praise it.

People don't have DNS names and a majority of people on the planet can't
afford $10/yr to rent one. And that tomato has sailed.

We need names that cost $0.10 for life. If we can get the price that low,
we can get to universal coverage some day. We can find someone to pay even
if the end user can't afford it.

$10/yr is a thousand bucks over a lifetime. Won't be able to find someone
to sign that check for the planet.